memcpy_s.c
1 /*------------------------------------------------------------------
2  * memcpy_s
3  *
4  * October 2008, Bo Berry
5  *
6  * Copyright (c) 2008-2011 Cisco Systems
7  * All rights reserved.
8  *
9  * Permission is hereby granted, free of charge, to any person
10  * obtaining a copy of this software and associated documentation
11  * files (the "Software"), to deal in the Software without
12  * restriction, including without limitation the rights to use,
13  * copy, modify, merge, publish, distribute, sublicense, and/or
14  * sell copies of the Software, and to permit persons to whom the
15  * Software is furnished to do so, subject to the following
16  * conditions:
17  *
18  * The above copyright notice and this permission notice shall be
19  * included in all copies or substantial portions of the Software.
20  *
21  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
23  * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
25  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
26  * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
27  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
28  * OTHER DEALINGS IN THE SOFTWARE.
29  *------------------------------------------------------------------
30  */
31 
32 #include "safeclib_private.h"
33 #include "safe_mem_constraint.h"
34 #include "mem_primitives_lib.h"
35 #include "safe_mem_lib.h"
36 
37 
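/**
 * memcpy_s - bounds-checked copy of smax bytes from src to dest
 *
 * @param dest  destination buffer; must not be NULL
 * @param dmax  size of the destination buffer in bytes
 * @param src   source buffer; must not be NULL
 * @param smax  number of bytes to copy; must not exceed dmax
 *
 * @return RCNEGATE(EOK) on success, otherwise RCNEGATE of one of:
 *   ESNULLP  dest or src is NULL
 *   ESZEROL  dmax or smax is 0
 *   ESLEMAX  dmax or smax exceeds RSIZE_MAX_MEM
 *   ESNOSPC  smax exceeds dmax
 *   ESOVRLP  the dmax-byte destination region and the smax-byte source
 *            region overlap (identical pointers included)
 *
 * Every runtime-constraint violation invokes the memory constraint handler.
 * Once dest is known to be non-NULL and dmax is in range, dest is also
 * zero-filled for dmax bytes before the error is reported, so a caller that
 * ignores the return value never works on stale destination contents.
 */
errno_t
memcpy_s (void * restrict dest, rsize_t dmax, const void * restrict src, rsize_t smax)
{
    uint8_t *dp = (uint8_t *) dest;
    /* keep the const: nothing is ever written through sp */
    const uint8_t *sp = (const uint8_t *) src;

    if (dp == NULL) {
        invoke_safe_mem_constraint_handler("memcpy_s: dest is NULL",
                   NULL, ESNULLP);
        return RCNEGATE(ESNULLP);
    }

    if (dmax == 0) {
        invoke_safe_mem_constraint_handler("memcpy_s: dmax is 0",
                   NULL, ESZEROL);
        return RCNEGATE(ESZEROL);
    }

    if (dmax > RSIZE_MAX_MEM || smax > RSIZE_MAX_MEM) {
        invoke_safe_mem_constraint_handler("memcpy_s: dmax/smax exceeds max",
                   NULL, ESLEMAX);
        return RCNEGATE(ESLEMAX);
    }

    /* dest is usable and dmax is sane from here on: zero-fill on failure */
    if (smax == 0) {
        mem_prim_set(dp, dmax, 0);
        invoke_safe_mem_constraint_handler("memcpy_s: smax is 0",
                   NULL, ESZEROL);
        return RCNEGATE(ESZEROL);
    }

    if (smax > dmax) {
        mem_prim_set(dp, dmax, 0);
        invoke_safe_mem_constraint_handler("memcpy_s: smax exceeds dmax",
                   NULL, ESNOSPC);
        return RCNEGATE(ESNOSPC);
    }

    if (sp == NULL) {
        mem_prim_set(dp, dmax, 0);
        invoke_safe_mem_constraint_handler("memcpy_s: src is NULL",
                   NULL, ESNULLP);
        return RCNEGATE(ESNULLP);
    }

    /*
     * Overlap is undefined behavior (dest and src are restrict-qualified),
     * so reject it. The destination extent is the full dmax bytes and the
     * source extent is smax bytes; the half-open intervals [dp, dp+dmax)
     * and [sp, sp+smax) intersect exactly when each one starts before the
     * other ends. Unlike two strict '>' comparisons this form also treats
     * dp == sp as overlap. Both smax and dmax are non-zero here.
     */
    if ((dp < sp + smax) && (sp < dp + dmax)) {
        mem_prim_set(dp, dmax, 0);
        invoke_safe_mem_constraint_handler("memcpy_s: overlap undefined",
                   NULL, ESOVRLP);
        return RCNEGATE(ESOVRLP);
    }

    /* all constraints hold: perform the copy */
    mem_prim_move(dp, sp, smax);

    return RCNEGATE(EOK);
}
EXPORT_SYMBOL(memcpy_s)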
void mem_prim_set(void *dest, uint32_t len, uint8_t value)
Sets len bytes starting at dest to the specified value.
errno_t memcpy_s(void *restrict dest, rsize_t dmax, const void *restrict src, rsize_t smax)
This function copies at most smax bytes from src to dest, up to dmax.
void mem_prim_move(void *dest, const void *src, uint32_t len)
Moves at most len bytes from src to dest.
void invoke_safe_mem_constraint_handler(const char *msg, void *ptr, errno_t error)
Invokes the currently set constraint handler or the default.